10,380 ads for IT jobs from 783 companies

Choose from hundreds of technology whitepapers from leading industry experts including IBM, Cisco, Symantec and Citrix.

Covering IT categories including Data Management, Networking, Security and much more; CWJobs Whitepaper Directory is a great source for technical whitepapers and IT information. What's more, it is completely free of charge

Stay in touch with the latest IT information, trends and research today!

Register with CWJobs to receive Whitepaper and Employment related Updates

cyber hacking

Cyber-criminals are increasingly sophisticated and targeted in their attacks. If you are in charge of ensuring the security of your company’s website, it has not been easy going as these notable security incidents reveal:
• Sabre Systems—The reservation software company had data from Hard Rock Hotels, Google, Loews, and others, stolen as a result of the breach1.
• CIA—WikiLeaks obtained and published documents detailing the intelligence agency’s hacking efforts1.
• Virgin America—Thousands of employees and contractors had their login information compromised1.
• Equifax—The credit rating agency had a breach into highly sensitive personal information of 143 million U.S. consumers1.
• Universities and Federal Agencies—More than 60 universities and US federal organizations were compromised with SQL injections1.
There are numerous lessons to be learned from these breaches. Despite the growing stream of news stories about highly damaging attacks that compromise customer info

Today, a range of diverse cyber-adversaries — including nation-states, cybercriminals, competitors, hacktivists, and insiders/contractors — pose financial, reputational and regulatory risk to industrial and critical infrastructure organizations.
The business impact can include costly production downtime, safety failures, and environmental release of hazardous materials, as well as theft of corporate secrets such as sensitive information about formulas and proprietary manufacturing processes.
The challenge is compounded as organizations adopt digitization initiatives and IT/OT convergence to support the business — removing any “air-gaps” that may have existed in the past.
To help security and operations teams stay ahead of the latest ICS/SCADA threats, CyberX — the industrial cybersecurity company founded by military cyber experts with nation-state experience securing critical infrastructure — has partnered with SANS to create educational content about emerging ICS threat vectors and

Arm yourself against the powerful cyberweapons and
methods cyberattackers are using to compromise electrical
grids, manufacturing, oil and gas, pharmaceuticals, and
other critical infrastructure industries.

Cyberbreaches aren’t just in the news—they are the news. Yet headlines rarely mention the No. 1 source of those breaches: weak or stolen passwords. Whether they involve malware, hacking, phishing, or social engineering, the vast majority of breaches begin with account compromise and credential theft, followed by dormant lateral network movement and data exfiltration. In fact, weak or stolen passwords account for a staggering 81% of breaches, according to the Verizon 2017 Data Breach Investigations Report.
Not surprisingly, a new Okta-sponsored IDG survey finds that identity access management (IAM) is a top priority for nearly three-quarters (74%) of IT and security leaders. Yet the same survey uncovers widespread concern that their current IAM implementations are falling short. Just one worrisome example: Fewer than one-third (30%) of respondents report a good or better ability to detect a compromise of credentials.
The following report explores the gap between respondents’ aspiratio

There has been much speculation (not to mention exaggeration) over recent years about the fabled dark web. We’ve heard how this shady underworld is the refuge of the cybercriminal elite, and even nation-state threat actors. That this is their “Wolf’s Lair,” where they gather to plot the breaching of businesses, the downfall of governments, and the hacking of celebrities. As with much mainstream reporting of technology, and cyber threats in particular, there’s a grain of truth here. This less accessible and more volatile corner of the internet as we know it does offer those with less honourable motive a secret marketplace for their wares. The confusing terminology around what the dark web is or isn’t shouldn’t be a barrier to defenders realizing the anonymous communities, and how it can be used to produce valuable threat intelligence.

There has been much speculation (not to mention exaggeration) over recent years about the fabled dark web. We’ve heard how this shady underworld is the refuge of the cybercriminal elite, and even nation-state threat actors. That this is their “Wolf’s Lair,” where they gather to plot the breaching of businesses, the downfall of governments, and the hacking of celebrities. As with much mainstream reporting of technology, and cyber threats in particular, there’s a grain of truth here. This less accessible and more volatile corner of the internet as we know it does offer those with less honourable motive a secret marketplace for their wares. The confusing terminology around what the dark web is or isn’t shouldn’t be a barrier to defenders realizing the anonymous communities, and how it can be used to produce valuable threat intelligence.

Vulnerabilities in web applications are a major vector for cyber-crime. In large organizations, vulnerable web applications comprised 54% of all hacking breaches and led to 39% of compromised records, according to the 2012 Data Breach Investigation Report by Verizon Business.
This paper describes how large enterprises can effectively discover, catalog and scan web applications to control this major risk vector as part of their organization’s overall vulnerability management program.

Cyber criminals constantly innovate their threat tactics to more efficiently breach organizations and make off with valuable data. As cybercrime evolves, we see increased innovation in the hacking tools and techniques used to evade known security mechanisms. In the past few years, we have seen more advanced, targeted attacks, where hackers spent ample time investigating the target and tailoring the threat. Keeping up with new attack techniques, and effectively defending against advanced threats, is perhaps the biggest challenge facing security teams today. In a world of cyberthreats where the only constant is change, architecting a cybersecurity solution that dynamically adapts to constant change is crucial.

Protecting students from the millions of sites that house pornography, adult chat rooms, violence & hacking can provide not just a safe surfing atmosphere to minors in schools and libraries, but also qualify the institutions for federal E-rate funding through compliance with CIPA - the Children's Internet Protection Act.

Advanced persistent threats (APTs) have been central to network security discussions in the past few years, with many organizations implementing new solutions to protect themselves from this determined type of malware. Yet, cybercriminals continue to be effective in penetrating the network defenses of even the strongest security systems, including some very high-profile enterprises. One of the dirty little secret weapons hackers use to bypass security systems and penetrate even the most locked-down networks are advanced evasion techniques (AETs). While AETs are not a secret among the hacking community—where they are well known and have been in widespread use for several years—there are misunderstandings, misinterpretation, and ineffective safeguards in use by the security experts charged with blocking AETs.

Advanced persistent threats (APTs) have been central to network security discussions in the past few years, with many organizations implementing new solutions to protect themselves from this determined type of malware. Yet, cybercriminals continue to be effective in penetrating the network defenses of even the strongest security systems, including some very high-profile enterprises. One of the dirty little secret weapons hackers use to bypass security systems and penetrate even the most locked-down networks are advanced evasion techniques (AETs). While AETs are not a secret among the hacking community—where they are well known and have been in widespread use for several years—there are misunderstandings, misinterpretation, and ineffective safeguards in use by the security experts charged with blocking AETs.